From d6c0c04a468e3246999504765419a382f2502b5f Mon Sep 17 00:00:00 2001 From: zzangkkmin Date: Mon, 24 Feb 2025 14:39:49 +0900 Subject: [PATCH 1/4] =?UTF-8?q?=F0=9F=A9=B9=20fix:=20jwt=EA=B4=80=EB=A0=A8?= =?UTF-8?q?=20=ED=8C=8C=EC=9D=BC=20=EC=9D=B4=EB=8F=99=20=EB=B0=8F=20?= =?UTF-8?q?=EC=BB=A8=ED=8A=B8=EB=A1=A4=EB=9F=AC/=EC=84=9C=EB=B9=84?= =?UTF-8?q?=EC=8A=A4=20=EB=A1=9C=EA=B7=B8=EC=9D=B8=20=EC=82=AD=EC=A0=9C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../_delivery/config/WebSecurityConfig.java | 6 ++--- .../user/controller/UserController.java | 17 +------------- .../user/jwt}/JwtAuthenticationFilter.java | 3 +-- .../user/jwt}/JwtAuthorizationFilter.java | 3 +-- .../user/jwt}/JwtBlacklistRepository.java | 2 +- .../{util => domain/user/jwt}/JwtUtil.java | 2 +- .../domain/user/service/UserService.java | 22 +------------------ 7 files changed, 9 insertions(+), 46 deletions(-) rename src/main/java/com/sparta/spring_deep/_delivery/{config/security => domain/user/jwt}/JwtAuthenticationFilter.java (95%) rename src/main/java/com/sparta/spring_deep/_delivery/{config/security => domain/user/jwt}/JwtAuthorizationFilter.java (96%) rename src/main/java/com/sparta/spring_deep/_delivery/{util => domain/user/jwt}/JwtBlacklistRepository.java (88%) rename src/main/java/com/sparta/spring_deep/_delivery/{util => domain/user/jwt}/JwtUtil.java (98%) diff --git a/src/main/java/com/sparta/spring_deep/_delivery/config/WebSecurityConfig.java b/src/main/java/com/sparta/spring_deep/_delivery/config/WebSecurityConfig.java index fcff52f..efd0180 100644 --- a/src/main/java/com/sparta/spring_deep/_delivery/config/WebSecurityConfig.java +++ b/src/main/java/com/sparta/spring_deep/_delivery/config/WebSecurityConfig.java 
@@ -1,9 +1,9 @@ package com.sparta.spring_deep._delivery.config; -import com.sparta.spring_deep._delivery.config.security.JwtAuthenticationFilter; -import com.sparta.spring_deep._delivery.config.security.JwtAuthorizationFilter; +import com.sparta.spring_deep._delivery.domain.user.jwt.JwtAuthenticationFilter; +import com.sparta.spring_deep._delivery.domain.user.jwt.JwtAuthorizationFilter; import com.sparta.spring_deep._delivery.domain.user.details.UserDetailsServiceImpl; -import com.sparta.spring_deep._delivery.util.JwtUtil; +import com.sparta.spring_deep._delivery.domain.user.jwt.JwtUtil; import lombok.RequiredArgsConstructor; import org.springframework.boot.autoconfigure.security.servlet.PathRequest; import org.springframework.context.annotation.Bean; diff --git a/src/main/java/com/sparta/spring_deep/_delivery/domain/user/controller/UserController.java b/src/main/java/com/sparta/spring_deep/_delivery/domain/user/controller/UserController.java index 66de2f6..9bca7f4 100644 --- a/src/main/java/com/sparta/spring_deep/_delivery/domain/user/controller/UserController.java +++ b/src/main/java/com/sparta/spring_deep/_delivery/domain/user/controller/UserController.java @@ -7,7 +7,7 @@ import com.sparta.spring_deep._delivery.domain.user.dto.UserDto; import com.sparta.spring_deep._delivery.domain.user.entity.User; import com.sparta.spring_deep._delivery.domain.user.service.UserService; -import com.sparta.spring_deep._delivery.util.JwtUtil; +import com.sparta.spring_deep._delivery.domain.user.jwt.JwtUtil; import jakarta.validation.Valid; import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; 
@@ -53,21 +53,6 @@ public ResponseEntity signup(@RequestBody UserDto userDto, BindingResult bind return new ResponseEntity<>(newUser, HttpStatus.CREATED); } - @PostMapping("/login") - public ResponseEntity login(@Valid @RequestBody LoginRequestDto loginRequestDto, - BindingResult bindingResult) { - if (bindingResult.hasErrors()) { - String errorMsg = bindingResult.getFieldError("username") != null ? - bindingResult.getFieldError("username").getDefaultMessage() : "Invalid input"; - logger.error("Login validation failed: {}", errorMsg); - return ResponseEntity.status(HttpStatus.BAD_REQUEST).body(errorMsg); - } - - LoginResponseDto loginResponseDto = userService.login(loginRequestDto); - logger.info("User logged in successfully: {}", loginResponseDto.getUsername()); - return ResponseEntity.ok(loginResponseDto); - } - @PostMapping("/logout") public ResponseEntity logout(@RequestHeader(value = "Authorization") String token) { // 클라이언트쪽에서 JWT 토큰 무효화해야 함! diff --git a/src/main/java/com/sparta/spring_deep/_delivery/config/security/JwtAuthenticationFilter.java b/src/main/java/com/sparta/spring_deep/_delivery/domain/user/jwt/JwtAuthenticationFilter.java similarity index 95% rename from src/main/java/com/sparta/spring_deep/_delivery/config/security/JwtAuthenticationFilter.java rename to src/main/java/com/sparta/spring_deep/_delivery/domain/user/jwt/JwtAuthenticationFilter.java index a90e9a4..c70f2ed 100644 --- a/src/main/java/com/sparta/spring_deep/_delivery/config/security/JwtAuthenticationFilter.java +++ b/src/main/java/com/sparta/spring_deep/_delivery/domain/user/jwt/JwtAuthenticationFilter.java 
@@ -1,10 +1,9 @@ -package com.sparta.spring_deep._delivery.config.security; +package com.sparta.spring_deep._delivery.domain.user.jwt; import com.fasterxml.jackson.databind.ObjectMapper; import com.sparta.spring_deep._delivery.domain.user.details.UserDetailsImpl; import com.sparta.spring_deep._delivery.domain.user.dto.LoginRequestDto; import com.sparta.spring_deep._delivery.domain.user.entity.UserRole; -import com.sparta.spring_deep._delivery.util.JwtUtil; import jakarta.servlet.FilterChain; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; diff --git a/src/main/java/com/sparta/spring_deep/_delivery/config/security/JwtAuthorizationFilter.java b/src/main/java/com/sparta/spring_deep/_delivery/domain/user/jwt/JwtAuthorizationFilter.java similarity index 96% rename from src/main/java/com/sparta/spring_deep/_delivery/config/security/JwtAuthorizationFilter.java rename to src/main/java/com/sparta/spring_deep/_delivery/domain/user/jwt/JwtAuthorizationFilter.java index be183df..9128232 100644 --- a/src/main/java/com/sparta/spring_deep/_delivery/config/security/JwtAuthorizationFilter.java +++ b/src/main/java/com/sparta/spring_deep/_delivery/domain/user/jwt/JwtAuthorizationFilter.java @@ -1,7 +1,6 @@ -package com.sparta.spring_deep._delivery.config.security; +package com.sparta.spring_deep._delivery.domain.user.jwt; import com.sparta.spring_deep._delivery.domain.user.details.UserDetailsServiceImpl; -import com.sparta.spring_deep._delivery.util.JwtUtil; import io.jsonwebtoken.Claims; import jakarta.servlet.FilterChain; import jakarta.servlet.ServletException; 
diff --git a/src/main/java/com/sparta/spring_deep/_delivery/util/JwtBlacklistRepository.java b/src/main/java/com/sparta/spring_deep/_delivery/domain/user/jwt/JwtBlacklistRepository.java similarity index 88% rename from src/main/java/com/sparta/spring_deep/_delivery/util/JwtBlacklistRepository.java rename to src/main/java/com/sparta/spring_deep/_delivery/domain/user/jwt/JwtBlacklistRepository.java index 3c7de92..7600613 100644 --- a/src/main/java/com/sparta/spring_deep/_delivery/util/JwtBlacklistRepository.java +++ b/src/main/java/com/sparta/spring_deep/_delivery/domain/user/jwt/JwtBlacklistRepository.java @@ -1,4 +1,4 @@ -package com.sparta.spring_deep._delivery.util; +package com.sparta.spring_deep._delivery.domain.user.jwt; import java.util.concurrent.ConcurrentHashMap; import org.springframework.stereotype.Component; diff --git a/src/main/java/com/sparta/spring_deep/_delivery/util/JwtUtil.java b/src/main/java/com/sparta/spring_deep/_delivery/domain/user/jwt/JwtUtil.java similarity index 98% rename from src/main/java/com/sparta/spring_deep/_delivery/util/JwtUtil.java rename to src/main/java/com/sparta/spring_deep/_delivery/domain/user/jwt/JwtUtil.java index 48edbf8..6089d3a 100644 --- a/src/main/java/com/sparta/spring_deep/_delivery/util/JwtUtil.java +++ b/src/main/java/com/sparta/spring_deep/_delivery/domain/user/jwt/JwtUtil.java @@ -1,4 +1,4 @@ -package com.sparta.spring_deep._delivery.util; +package com.sparta.spring_deep._delivery.domain.user.jwt; import com.sparta.spring_deep._delivery.domain.user.entity.UserRole; import io.jsonwebtoken.Claims; diff --git a/src/main/java/com/sparta/spring_deep/_delivery/domain/user/service/UserService.java b/src/main/java/com/sparta/spring_deep/_delivery/domain/user/service/UserService.java index ac7094d..e0ee7d5 100644 --- a/src/main/java/com/sparta/spring_deep/_delivery/domain/user/service/UserService.java +++ b/src/main/java/com/sparta/spring_deep/_delivery/domain/user/service/UserService.java 
@@ -10,7 +10,7 @@ import com.sparta.spring_deep._delivery.domain.user.entity.UserRole; import com.sparta.spring_deep._delivery.domain.user.repository.UserRepository; import com.sparta.spring_deep._delivery.exception.DuplicateResourceException; -import com.sparta.spring_deep._delivery.util.JwtUtil; +import com.sparta.spring_deep._delivery.domain.user.jwt.JwtUtil; import java.time.LocalDateTime; import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; @@ -69,26 +69,6 @@ public User registerUser(UserDto userDto) { return user; } - public LoginResponseDto login(LoginRequestDto loginRequestDto) { - Authentication authentication = authenticationManager.authenticate( - new UsernamePasswordAuthenticationToken(loginRequestDto.getUsername(), - loginRequestDto.getPassword()) - ); - - SecurityContextHolder.getContext().setAuthentication(authentication); - UserDetailsImpl userDetails = (UserDetailsImpl) authentication.getPrincipal(); - - User user = userDetails.getUser(); - String username = userDetails.getUsername(); - String email = user.getEmail(); - IsPublic isPublic = user.getIsPublic(); - UserRole userRole = user.getRole(); - - String jwt = jwtUtil.createJwt(username, userRole); - - return new LoginResponseDto(jwt, username, email, userRole, isPublic); - } - public User updateUser(String userName, UserDto userDto) { User user = userRepository.findByUsernameAndIsDeletedFalse(userName) .orElseThrow(() -> new RuntimeException("User not found!")); From 238f86c2f4662cb1d7c7498105eb955c66d359a7 Mon Sep 17 00:00:00 2001 
From: zzangkkmin Date: Mon, 24 Feb 2025 15:44:25 +0900 Subject: [PATCH 2/4] =?UTF-8?q?=F0=9F=A9=B9=20fix:=20=EB=A1=9C=EA=B7=B8?= =?UTF-8?q?=EC=9D=B8=20=EA=B2=80=EC=A6=9D=20=EB=A1=9C=EC=A7=81=20=EC=B6=94?= =?UTF-8?q?=EA=B0=80=20=EB=B0=8F=20=EC=9D=91=EB=8B=B5=EB=B0=94=EB=94=94=20?= =?UTF-8?q?=EA=B0=92=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../_delivery/config/WebSecurityConfig.java | 6 ++- .../user/jwt/JwtAuthenticationFilter.java | 49 +++++++++++++++++-- .../user/repository/UserRepository.java | 3 ++ 3 files changed, 53 insertions(+), 5 deletions(-) diff --git a/src/main/java/com/sparta/spring_deep/_delivery/config/WebSecurityConfig.java b/src/main/java/com/sparta/spring_deep/_delivery/config/WebSecurityConfig.java index efd0180..18784fa 100644 --- a/src/main/java/com/sparta/spring_deep/_delivery/config/WebSecurityConfig.java +++ b/src/main/java/com/sparta/spring_deep/_delivery/config/WebSecurityConfig.java @@ -4,6 +4,7 @@ import com.sparta.spring_deep._delivery.domain.user.jwt.JwtAuthorizationFilter; import com.sparta.spring_deep._delivery.domain.user.details.UserDetailsServiceImpl; import com.sparta.spring_deep._delivery.domain.user.jwt.JwtUtil; +import com.sparta.spring_deep._delivery.domain.user.repository.UserRepository; import lombok.RequiredArgsConstructor; import org.springframework.boot.autoconfigure.security.servlet.PathRequest; import org.springframework.context.annotation.Bean; @@ -15,6 +16,7 @@ import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; +import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; 
@@ -24,6 +26,8 @@ public class WebSecurityConfig { private final JwtUtil jwtUtil; + private final UserRepository userRepository; + private final PasswordEncoder passwordEncoder; private final UserDetailsServiceImpl userDetailsService; private final AuthenticationConfiguration authenticationConfiguration; @@ -193,7 +197,7 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti */ @Bean public JwtAuthenticationFilter jwtAuthenticationFilter() throws Exception { - JwtAuthenticationFilter filter = new JwtAuthenticationFilter(jwtUtil); + JwtAuthenticationFilter filter = new JwtAuthenticationFilter(jwtUtil, userRepository , passwordEncoder); filter.setAuthenticationManager(authenticationConfiguration.getAuthenticationManager()); return filter; } diff --git a/src/main/java/com/sparta/spring_deep/_delivery/domain/user/jwt/JwtAuthenticationFilter.java b/src/main/java/com/sparta/spring_deep/_delivery/domain/user/jwt/JwtAuthenticationFilter.java index c70f2ed..393ae03 100644 --- a/src/main/java/com/sparta/spring_deep/_delivery/domain/user/jwt/JwtAuthenticationFilter.java +++ b/src/main/java/com/sparta/spring_deep/_delivery/domain/user/jwt/JwtAuthenticationFilter.java 
@@ -3,15 +3,25 @@ import com.fasterxml.jackson.databind.ObjectMapper; import com.sparta.spring_deep._delivery.domain.user.details.UserDetailsImpl; import com.sparta.spring_deep._delivery.domain.user.dto.LoginRequestDto; +import com.sparta.spring_deep._delivery.domain.user.entity.IsPublic; +import com.sparta.spring_deep._delivery.domain.user.entity.User; import com.sparta.spring_deep._delivery.domain.user.entity.UserRole; +import com.sparta.spring_deep._delivery.domain.user.repository.UserRepository; import jakarta.servlet.FilterChain; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; import java.io.IOException; +import java.util.HashMap; +import java.util.Map; +import java.util.Optional; import lombok.extern.slf4j.Slf4j; +import org.springframework.security.authentication.BadCredentialsException; +import org.springframework.security.authentication.DisabledException; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.Authentication; import org.springframework.security.core.AuthenticationException; +import org.springframework.security.core.userdetails.UsernameNotFoundException; +import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; /** @@ -21,9 +31,13 @@ public class JwtAuthenticationFilter extends UsernamePasswordAuthenticationFilter { private final JwtUtil jwtUtil; + private final UserRepository userRepository; + private final PasswordEncoder passwordEncoder; - public JwtAuthenticationFilter(JwtUtil jwtUtil) { + public JwtAuthenticationFilter(JwtUtil jwtUtil, UserRepository userRepository, PasswordEncoder passwordEncoder) { this.jwtUtil = jwtUtil; + this.userRepository = userRepository; + this.passwordEncoder = passwordEncoder; setFilterProcessesUrl("/api/users/login"); } 
@@ -34,6 +48,20 @@ public Authentication attemptAuthentication(HttpServletRequest request, LoginRequestDto requestDto = new ObjectMapper().readValue(request.getInputStream(), LoginRequestDto.class); + // 사용자 조회 - 없는 회원 + Optional user = userRepository.findByUsername(requestDto.getUsername()); + if(user.isEmpty()) { + throw new UsernameNotFoundException("unable to find user"); + } + // 삭제된 회원 + else if(user.get().getIsDeleted()) { + throw new DisabledException("unable to find user"); + } + // 비번 불일치 + else if(!passwordEncoder.matches(requestDto.getPassword(), user.get().getPassword())) { + throw new BadCredentialsException("unable to find user"); + } + return getAuthenticationManager().authenticate( new UsernamePasswordAuthenticationToken( requestDto.getUsername(), 
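Review bot: The pre-check added to `attemptAuthentication` fails at different cost per case: an unknown username throws `UsernameNotFoundException` before any hash is computed, while a known one goes through `passwordEncoder.matches(...)`, so response time can reveal which usernames are registered even though the three messages are identical. The three exception types also reach `unsuccessfulAuthentication` (outside this hunk), which must answer all of them the same way. The block repeats the lookup and password comparison that `getAuthenticationManager().authenticate(...)` presumably already performs through `UserDetailsServiceImpl`, so each successful login pays for both twice. I would drop the block and keep the deleted-account rule in `UserDetailsServiceImpl`, for example by loading through `findByUsernameAndIsDeletedFalse`; PATCH 4/4 later removes the block, and that rule then rests entirely on the service, which is not shown. The method body starts and ends outside the hunk.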
@@ -49,15 +77,28 @@ public Authentication attemptAuthentication(HttpServletRequest request, @Override protected void successfulAuthentication(HttpServletRequest request, - HttpServletResponse response, FilterChain chain, Authentication authResult) { + HttpServletResponse response, FilterChain chain, Authentication authResult) + throws IOException { - String username = ((UserDetailsImpl) authResult.getPrincipal()).getUsername(); - UserRole role = ((UserDetailsImpl) authResult.getPrincipal()).getUser().getRole(); + UserDetailsImpl userDetails = (UserDetailsImpl) authResult.getPrincipal(); + String username = userDetails.getUsername(); + String email = userDetails.getUser().getEmail(); + UserRole role = userDetails.getUser().getRole(); + IsPublic isPublic = userDetails.getUser().getIsPublic(); String token = jwtUtil.createJwt(username, role); System.out.println(token); response.addHeader(JwtUtil.AUTHORIZATION_HEADER, token); + // body에 담기 + Map responseBody = new HashMap<>(); + responseBody.put("username", username); + responseBody.put("email", email); + responseBody.put("role", role); + responseBody.put("isPublic", isPublic); + + response.setContentType("application/json"); + new ObjectMapper().writeValue(response.getOutputStream(), responseBody); } @Override diff --git a/src/main/java/com/sparta/spring_deep/_delivery/domain/user/repository/UserRepository.java b/src/main/java/com/sparta/spring_deep/_delivery/domain/user/repository/UserRepository.java index 6f1a4d6..c3ae317 100644 --- a/src/main/java/com/sparta/spring_deep/_delivery/domain/user/repository/UserRepository.java +++ b/src/main/java/com/sparta/spring_deep/_delivery/domain/user/repository/UserRepository.java 
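Review bot: `System.out.println(token);` is still on the new side of `successfulAuthentication`, so every successful login writes a valid bearer token to standard output, where it ends up in service or container logs readable by anyone with log access. Remove the line, or log only non-secret context such as `log.info("login succeeded: {}", username);` (the file imports `Slf4j`; the annotation itself is outside the hunk). Separately, `new ObjectMapper()` is constructed on every login for the response body; one `private static final ObjectMapper` field would serve both this method and `attemptAuthentication`.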
@@ -1,6 +1,7 @@ package com.sparta.spring_deep._delivery.domain.user.repository; import com.sparta.spring_deep._delivery.domain.user.entity.User; +import java.util.List; import java.util.Optional; import org.springframework.data.jpa.repository.JpaRepository; import org.springframework.stereotype.Repository; @@ -8,6 +9,8 @@ @Repository public interface UserRepository extends JpaRepository, UserRepositoryCustom { + Optional findByUsername(String username); + Optional findByUsernameAndIsDeletedFalse(String username); Optional findByEmail(String email); From 43e72568dfd60358bcae59c2725e828528927225 Mon Sep 17 00:00:00 2001 From: zzangkkmin Date: Mon, 24 Feb 2025 16:14:25 +0900 Subject: [PATCH 3/4] =?UTF-8?q?=F0=9F=A9=B9=20fix:=20=EB=A1=9C=EA=B7=B8?= =?UTF-8?q?=EC=9D=B8=20=EA=B2=80=EC=A6=9D=20=EB=A1=9C=EC=A7=81=20=EC=B6=94?= =?UTF-8?q?=EA=B0=80=20=EB=B0=8F=20=EC=9D=91=EB=8B=B5=EB=B0=94=EB=94=94=20?= =?UTF-8?q?=EA=B0=92=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../sparta/spring_deep/_delivery/config/WebSecurityConfig.java | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/main/java/com/sparta/spring_deep/_delivery/config/WebSecurityConfig.java b/src/main/java/com/sparta/spring_deep/_delivery/config/WebSecurityConfig.java index 18784fa..f9b3481 100644 --- a/src/main/java/com/sparta/spring_deep/_delivery/config/WebSecurityConfig.java +++ b/src/main/java/com/sparta/spring_deep/_delivery/config/WebSecurityConfig.java @@ -27,7 +27,6 @@ public class WebSecurityConfig { private final JwtUtil jwtUtil; private final UserRepository userRepository; - private final PasswordEncoder passwordEncoder; private final UserDetailsServiceImpl userDetailsService; private final AuthenticationConfiguration authenticationConfiguration; 
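Review bot: In `UserRepository`, the new `findByUsername` has no `IsDeletedFalse` condition, unlike `findByUsernameAndIsDeletedFalse` declared next to it, and nothing at the declaration says that soft-deleted users come back too (the filter in this patch checks `getIsDeleted()` after calling it). Any caller that authenticates or authorises with the result has to make that check itself; I would add a comment above the method such as `// Includes soft-deleted users; callers must check getIsDeleted().`. The added `import java.util.List;` is not used by anything in the visible hunks and can probably be dropped.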
@@ -197,7 +196,7 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti */ @Bean public JwtAuthenticationFilter jwtAuthenticationFilter() throws Exception { - JwtAuthenticationFilter filter = new JwtAuthenticationFilter(jwtUtil, userRepository , passwordEncoder); + JwtAuthenticationFilter filter = new JwtAuthenticationFilter(jwtUtil, userRepository , passwordEncoder()); filter.setAuthenticationManager(authenticationConfiguration.getAuthenticationManager()); return filter; } From a18e82dcadb2b64fc89e1441d51eb4cfeff9f9dc Mon Sep 17 00:00:00 2001 From: zzangkkmin Date: Mon, 24 Feb 2025 16:48:09 +0900 Subject: [PATCH 4/4] =?UTF-8?q?=F0=9F=A9=B9=20fix:=20=EB=B6=88=ED=95=84?= =?UTF-8?q?=EC=9A=94=ED=95=9C=20=EC=A4=91=EB=B3=B5=EB=90=98=EB=8A=94=20?= =?UTF-8?q?=EB=A1=9C=EC=A7=81=20=EC=A0=9C=EA=B1=B0=20&=20=EB=B0=94?= =?UTF-8?q?=EB=94=94=20=EA=B0=92=20=EC=A0=9C=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../_delivery/config/WebSecurityConfig.java | 2 +- .../user/jwt/JwtAuthenticationFilter.java | 43 +------------------ 2 files changed, 3 insertions(+), 42 deletions(-) diff --git a/src/main/java/com/sparta/spring_deep/_delivery/config/WebSecurityConfig.java b/src/main/java/com/sparta/spring_deep/_delivery/config/WebSecurityConfig.java index f9b3481..e39134a 100644 --- a/src/main/java/com/sparta/spring_deep/_delivery/config/WebSecurityConfig.java +++ b/src/main/java/com/sparta/spring_deep/_delivery/config/WebSecurityConfig.java 
@@ -196,7 +196,7 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti */ @Bean public JwtAuthenticationFilter jwtAuthenticationFilter() throws Exception { - JwtAuthenticationFilter filter = new JwtAuthenticationFilter(jwtUtil, userRepository , passwordEncoder()); + JwtAuthenticationFilter filter = new JwtAuthenticationFilter(jwtUtil); filter.setAuthenticationManager(authenticationConfiguration.getAuthenticationManager()); return filter; } diff --git a/src/main/java/com/sparta/spring_deep/_delivery/domain/user/jwt/JwtAuthenticationFilter.java b/src/main/java/com/sparta/spring_deep/_delivery/domain/user/jwt/JwtAuthenticationFilter.java index 393ae03..8e5b3f9 100644 --- a/src/main/java/com/sparta/spring_deep/_delivery/domain/user/jwt/JwtAuthenticationFilter.java +++ b/src/main/java/com/sparta/spring_deep/_delivery/domain/user/jwt/JwtAuthenticationFilter.java 
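Review bot: With the filter built from `jwtUtil` alone again, the `private final UserRepository userRepository;` field that PATCH 2/4 added to `WebSecurityConfig` has no remaining use in any hunk of this series, and the `UserRepository` and `PasswordEncoder` imports added with it look unused as well. If nothing else in the class reads them (the rest of the file is not visible), remove them in this commit so the security configuration does not keep a repository dependency it does not need.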
@@ -3,25 +3,15 @@ import com.fasterxml.jackson.databind.ObjectMapper; import com.sparta.spring_deep._delivery.domain.user.details.UserDetailsImpl; import com.sparta.spring_deep._delivery.domain.user.dto.LoginRequestDto; -import com.sparta.spring_deep._delivery.domain.user.entity.IsPublic; -import com.sparta.spring_deep._delivery.domain.user.entity.User; import com.sparta.spring_deep._delivery.domain.user.entity.UserRole; -import com.sparta.spring_deep._delivery.domain.user.repository.UserRepository; import jakarta.servlet.FilterChain; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; import java.io.IOException; -import java.util.HashMap; -import java.util.Map; -import java.util.Optional; import lombok.extern.slf4j.Slf4j; -import org.springframework.security.authentication.BadCredentialsException; -import org.springframework.security.authentication.DisabledException; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.Authentication; import org.springframework.security.core.AuthenticationException; -import org.springframework.security.core.userdetails.UsernameNotFoundException; -import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; /** @@ -31,13 +21,9 @@ public class JwtAuthenticationFilter extends UsernamePasswordAuthenticationFilter { private final JwtUtil jwtUtil; - private final UserRepository userRepository; - private final PasswordEncoder passwordEncoder; - public JwtAuthenticationFilter(JwtUtil jwtUtil, UserRepository userRepository, PasswordEncoder passwordEncoder) { + public JwtAuthenticationFilter(JwtUtil jwtUtil) { this.jwtUtil = jwtUtil; - this.userRepository = userRepository; - this.passwordEncoder = passwordEncoder; setFilterProcessesUrl("/api/users/login"); } 
@@ -48,19 +34,6 @@ public Authentication attemptAuthentication(HttpServletRequest request, LoginRequestDto requestDto = new ObjectMapper().readValue(request.getInputStream(), LoginRequestDto.class); - // 사용자 조회 - 없는 회원 - Optional user = userRepository.findByUsername(requestDto.getUsername()); - if(user.isEmpty()) { - throw new UsernameNotFoundException("unable to find user"); - } - // 삭제된 회원 - else if(user.get().getIsDeleted()) { - throw new DisabledException("unable to find user"); - } - // 비번 불일치 - else if(!passwordEncoder.matches(requestDto.getPassword(), user.get().getPassword())) { - throw new BadCredentialsException("unable to find user"); - } return getAuthenticationManager().authenticate( new UsernamePasswordAuthenticationToken( @@ -82,23 +55,11 @@ protected void successfulAuthentication(HttpServletRequest request, UserDetailsImpl userDetails = (UserDetailsImpl) authResult.getPrincipal(); String username = userDetails.getUsername(); - String email = userDetails.getUser().getEmail(); UserRole role = userDetails.getUser().getRole(); - IsPublic isPublic = userDetails.getUser().getIsPublic(); String token = jwtUtil.createJwt(username, role); - System.out.println(token); - response.addHeader(JwtUtil.AUTHORIZATION_HEADER, token); - - // body에 담기 - Map responseBody = new HashMap<>(); - responseBody.put("username", username); - responseBody.put("email", email); - responseBody.put("role", role); - responseBody.put("isPublic", isPublic); - response.setContentType("application/json"); - new ObjectMapper().writeValue(response.getOutputStream(), responseBody); + response.addHeader(JwtUtil.AUTHORIZATION_HEADER, token); } @Override